1. Field of the Invention
The present invention relates to an authenticated device and an individual authentication system.
2. Related Art
As this information-oriented society has rapidly become sophisticated and an increasing amount of information is being digitized, there is a strong demand for reliable individual authentication systems. An “individual authentication system” is a mechanism that includes an authenticated device that stores at least information unique to an individual (such as an ID number), and an authenticating device that reads the information and authenticates the individual. In the case of a credit card or a mobile phone handset, for example, it is necessary to authenticate the credit card or the mobile phone handset based on ID information, before a service is provided. The ID information cannot be kept secret, as it needs to be read out. However, if the ID information can be easily replicated, it becomes difficult to guarantee the credibility of the authenticated device. Therefore, it is necessary to develop an individual authentication system with which the credibility is guaranteed and the information as to the individual cannot be replicated.
In view of this background, individual authentication systems that use the spontaneous variations in characteristics of transistors integrated on LSIs as random-number ID information have been disclosed in “IC Identification Circuit using Device Mismatch, K. Lofstrom, et al., Tech. Dig. ISSCC 2000, WP 22.6, p 372 (2000)”, “An Artificial Fingerprint Device (AFD) Module using Poly-Si Thin Film Transistors with Logic LSI Compatible Process for Built-in Security, S. Maeda, et al., Tech. Dig. IEDM 2001, 34.5.1, p 759 (2001)”, and Japanese Patent Laid-Open Publication No. 2001-7290, for example.
In the above three references, the spontaneous variations in threshold values of transistors at the time of manufacturing are used. Digital information of “1” and “0” is allotted to the threshold value information, so as to randomly set a numeric value to each device. More specifically, whether the current value obtained in an operation of the transistor under desired operating conditions is larger than a certain value is indicated by the information of “1” and “0”.
Since the characteristics of each transistor element are represented by “1” or “0” in the references, the information can be easily replicated in practice. If the internal information of “1” and “0” is output directly or the characteristics of each transistor can be read out by some means, the digital information is replicated so as to produce a “spoofing” device that can be recognized as the same individual as the original when seen from the outside. Replication of digital information is not very difficult in technical terms, as a general-purpose ROM such as a flash memory can be used in doing so.
Moreover, the information in the individual is used for identification in the references. When authentication is to be performed via a network such as the Internet, data might be stolen along the way. So as to prevent “spoofing”, the number of bits in the data needs to be increased to a very large number. This leads to a huge increase in information management cost on the authentication side.